Posts tagged: ansible

Vaulted Secrets Without Git Churn

Ansible Vault keeps secrets out of sight, but the ciphertext changes on every encrypt. That turns Git diffs into noise and makes it hard to tell if anything actually changed. Decrypting, editing, and re-encrypting often leaves uncertainty about whether any plaintext changed. This is amplified when secret repos are tightly coupled to dependent repositories. A typical cycle includes decrypting, adding a key, updating a value, applying changes, and returning later with little clarity about what changed while secrets were in plaintext.

Today a new workflow was created with @gpt-5.2-codex to keep diffs clean and avoid re-encrypting when the plaintext is identical.

Re-encrypting a file with the same content produces different ciphertext. A simple decrypt/encrypt cycle can look like a full file change, even when the plaintext is identical. That creates uncertainty and makes GitOps workflows feel brittle.

...

💭 Ansible Galaxy - amazon.aws

!https://galaxy.ansible.com/ui/repo/published/amazon/aws/content/module/s3_bucket/#examples

Installing system nerd-fonts with ansible

Lately I've been on a journey to really clean up my dotfiles, and I was completely missing fonts. I noticed jumping i...

Installing packages with ansible only if they do not exist

Part of my neovim setup requires having the python formatter installed and callable. I install it with so that I don'...

`j`	Scroll down
`k`	Scroll up
`g` `g`	Scroll to top
`Shift` `G`	Scroll to bottom
`d`	Half-page down
`u`	Half-page up

`j` / `↓`	Next post (in feeds)
`k` / `↑`	Previous post (in feeds)
`Enter` / `o`	Open highlighted post
`Shift` `O`	Open in new tab
`g` `h`	Go to home
`g` `s`	Focus search
`[`	Previous page
`]`	Next page
`s`	Toggle simple/rich feed view

`/`	Focus search input
`⌘CtrlK`	Focus search (alternative)
`y` `y`	Copy URL to clipboard
`?`	Show this help
`Esc`	Close / clear highlight